Skip to content

Commit b900b73

Browse files
Woody4618Woody4618
committed
Create reusable-build.yaml
1 parent ff63488 commit b900b73

File tree

1 file changed

+277
-0
lines changed

1 file changed

+277
-0
lines changed

.github/workflows/reusable-build.yaml

Lines changed: 277 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,277 @@
1+
name: Reusable Build Program
2+
3+
on:
4+
workflow_call:
5+
inputs:
6+
program:
7+
description: "Program to build"
8+
required: true
9+
type: string
10+
network:
11+
description: "Target network for deployment"
12+
required: false
13+
default: "devnet"
14+
type: string
15+
deploy:
16+
description: "Deploy program"
17+
required: false
18+
type: boolean
19+
default: false
20+
upload_idl:
21+
description: "Upload IDL"
22+
required: false
23+
type: boolean
24+
default: true
25+
verify:
26+
description: "Verify build"
27+
required: false
28+
type: boolean
29+
default: true
30+
use-squads:
31+
description: "Use Squads for deployment"
32+
required: false
33+
type: boolean
34+
default: false
35+
secrets:
36+
DEVNET_SOLANA_DEPLOY_URL:
37+
required: false
38+
MAINNET_SOLANA_DEPLOY_URL:
39+
required: false
40+
DEVNET_DEPLOYER_KEYPAIR:
41+
required: false
42+
MAINNET_DEPLOYER_KEYPAIR:
43+
required: false
44+
PROGRAM_ADDRESS_KEYPAIR:
45+
required: false
46+
DEVNET_MULTISIG:
47+
required: false
48+
DEVNET_MULTISIG_VAULT:
49+
required: false
50+
MAINNET_MULTISIG:
51+
required: false
52+
MAINNET_MULTISIG_VAULT:
53+
required: false
54+
55+
env:
56+
SOLANA_VERIFY_VERSION: "0.4.0"
57+
58+
jobs:
59+
build:
60+
runs-on: ubuntu-latest
61+
timeout-minutes: 60
62+
steps:
63+
- uses: actions/checkout@v3
64+
- name: Set deployment variables
65+
run: |
66+
# Network specific variables
67+
IS_MAINNET="${{ github.event.inputs.network == 'mainnet' }}"
68+
69+
# Set URLs and Keys based on network
70+
if [ "$IS_MAINNET" = "true" ]; then
71+
echo "DEPLOY_URL=${{ secrets.MAINNET_SOLANA_DEPLOY_URL }}" >> $GITHUB_ENV
72+
echo "DEPLOYER_KEYPAIR=${{ secrets.MAINNET_DEPLOYER_KEYPAIR }}" >> $GITHUB_ENV
73+
echo "MULTISIG=${{ secrets.MAINNET_MULTISIG }}" >> $GITHUB_ENV
74+
echo "MULTISIG_VAULT=${{ secrets.MAINNET_MULTISIG_VAULT }}" >> $GITHUB_ENV
75+
else
76+
echo "DEPLOY_URL=${{ secrets.DEVNET_SOLANA_DEPLOY_URL }}" >> $GITHUB_ENV
77+
echo "DEPLOYER_KEYPAIR=${{ secrets.DEVNET_DEPLOYER_KEYPAIR }}" >> $GITHUB_ENV
78+
echo "MULTISIG=${{ secrets.DEVNET_MULTISIG }}" >> $GITHUB_ENV
79+
echo "MULTISIG_VAULT=${{ secrets.DEVNET_MULTISIG_VAULT }}" >> $GITHUB_ENV
80+
fi
81+
82+
- uses: ./.github/actions/extract-versions/
83+
id: versions
84+
85+
- uses: ./.github/actions/setup/
86+
87+
- name: Debug Environment Before Anchor Setup
88+
run: |
89+
echo "=== Environment Variables Before Anchor Setup ==="
90+
env | grep -E "SOLANA|ANCHOR"
91+
echo "==========================="
92+
93+
- name: Install Solana
94+
uses: ./.github/actions/setup-solana
95+
96+
- name: Install Anchor
97+
uses: ./.github/actions/setup-anchor
98+
with:
99+
anchor-version: ${{ env.ANCHOR_VERSION }}
100+
101+
- name: Set Program Variables
102+
run: |
103+
PROGRAM="${{ github.event.inputs.program || 'transaction-example' }}"
104+
PROGRAM_NAME=${PROGRAM//-/_}
105+
echo "Looking for program ${PROGRAM_NAME} in Anchor.toml"
106+
cat ./Anchor.toml
107+
echo "Running toml command:"
108+
~/.cargo/bin/toml get ./Anchor.toml programs.localnet.${PROGRAM_NAME} || true
109+
PROGRAM_ID=$(~/.cargo/bin/toml get ./Anchor.toml programs.localnet.${PROGRAM_NAME} | tr -d '"')
110+
echo "Program: $PROGRAM_ID"
111+
echo "PROGRAM_NAME=${PROGRAM_NAME}" >> $GITHUB_ENV
112+
echo "PROGRAM_ID=${PROGRAM_ID}" >> $GITHUB_ENV
113+
114+
- name: Extract Addresses from Keypairs
115+
run: |
116+
# Extract deployer addresses
117+
if [ "$IS_MAINNET" = "true" ]; then
118+
echo "${{ secrets.MAINNET_DEPLOYER_KEYPAIR }}" > deployer-keypair.json
119+
echo "DEPLOYER_ADDRESS=$(solana-keygen pubkey deployer-keypair.json)" >> $GITHUB_ENV
120+
rm deployer-keypair.json
121+
else
122+
echo "${{ secrets.DEVNET_DEPLOYER_KEYPAIR }}" > deployer-keypair.json
123+
echo "DEPLOYER_ADDRESS=$(solana-keygen pubkey deployer-keypair.json)" >> $GITHUB_ENV
124+
rm deployer-keypair.json
125+
fi
126+
127+
# Extract program address if keypair exists
128+
if [ ! -z "${{ secrets.PROGRAM_ADDRESS_KEYPAIR }}" ]; then
129+
echo "${{ secrets.PROGRAM_ADDRESS_KEYPAIR }}" > program-keypair.json
130+
echo "PROGRAM_ADDRESS=$(solana-keygen pubkey program-keypair.json)" >> $GITHUB_ENV
131+
rm program-keypair.json
132+
fi
133+
134+
- name: Debug Initial Structure
135+
run: |
136+
echo "Current directory structure:"
137+
pwd
138+
ls -la
139+
echo "Programs directory:"
140+
ls -la programs/ || true
141+
echo "Anchor.toml contents:"
142+
cat Anchor.toml
143+
144+
- uses: ./.github/actions/build-anchor/
145+
with:
146+
testing: false
147+
devnet: ${{ github.event.inputs.network == 'devnet' }}
148+
program: ${{ env.PROGRAM_NAME }}
149+
150+
- uses: ./.github/actions/build-verified/
151+
id: build-verified
152+
with:
153+
verify-version: ${{ env.SOLANA_VERIFY_VERSION }}
154+
devnet: ${{ github.event.inputs.network == 'devnet' }}
155+
program: ${{ env.PROGRAM_NAME }}
156+
program-id: ${{ env.PROGRAM_ID }}
157+
158+
- name: Create local artifacts directory
159+
run: |
160+
# Create directories
161+
mkdir -p build-artifacts/so
162+
mkdir -p build-artifacts/idl
163+
164+
# Check if source files exist
165+
echo "Checking source files:"
166+
ls -la ./target/deploy/
167+
ls -la ./target/idl/
168+
169+
# Copy with verbose flag
170+
cp -v ./target/deploy/${{ env.PROGRAM_NAME }}.so build-artifacts/so/
171+
cp -v ./target/idl/${{ env.PROGRAM_NAME }}.json build-artifacts/idl/
172+
173+
# Check copied files
174+
echo "Checking copied files:"
175+
ls -la build-artifacts/so/
176+
ls -la build-artifacts/idl/
177+
178+
# Set permissions
179+
chmod -R 777 build-artifacts/
180+
181+
echo "Artifacts copied to project directory at:"
182+
echo "SO file: ./build-artifacts/so/${{ env.PROGRAM_NAME }}.so"
183+
echo "IDL file: ./build-artifacts/idl/${{ env.PROGRAM_NAME }}.json"
184+
185+
- name: Store so files
186+
if: ${{ !env.ACT }} # Only run on GitHub Actions, skip for local act runs
187+
uses: actions/upload-artifact@v3
188+
with:
189+
name: ${{ env.PROGRAM_NAME }}-so
190+
path: |
191+
./target/deploy/${{ env.PROGRAM_NAME }}.so
192+
193+
- name: Store idl files
194+
if: ${{ !env.ACT }} # Only run on GitHub Actions, skip for local act runs
195+
uses: actions/upload-artifact@v3
196+
with:
197+
name: ${{ env.PROGRAM_NAME }}-idl
198+
path: |
199+
./target/idl/${{ env.PROGRAM_NAME }}.json
200+
201+
- name: Print Artifact Locations
202+
run: |
203+
echo "Artifacts stored locally at:"
204+
echo "SO file: ./artifacts/build/${{ env.PROGRAM_NAME }}-so/target/deploy/${{ env.PROGRAM_NAME }}.so"
205+
echo "IDL file: ./artifacts/build/${{ env.PROGRAM_NAME }}-idl/target/idl/${{ env.PROGRAM_NAME }}.json"
206+
207+
- uses: ./.github/actions/write-program-buffer/
208+
id: program-buffer
209+
if: github.event_name == 'workflow_dispatch' && github.event.inputs.deploy == 'true'
210+
with:
211+
program-id: ${{ env.PROGRAM_ID }}
212+
program: ${{ env.PROGRAM_NAME }}
213+
rpc-url: ${{ env.DEPLOY_URL }}
214+
keypair: ${{ env.DEPLOYER_KEYPAIR }}
215+
buffer-authority-address: ${{ github.event.inputs.use-squads == 'true' && env.MULTISIG_VAULT || env.DEPLOYER_ADDRESS }}
216+
217+
- uses: ./.github/actions/write-idl-buffer/
218+
id: idl-buffer
219+
if: github.event_name == 'workflow_dispatch' && github.event.inputs.upload_idl == 'true'
220+
with:
221+
program-id: ${{ env.PROGRAM_ID }}
222+
program: ${{ env.PROGRAM_NAME }}
223+
rpc-url: ${{ env.DEPLOY_URL }}
224+
keypair: ${{ env.DEPLOYER_KEYPAIR }}
225+
idl-authority: ${{ github.event.inputs.use-squads == 'true' && env.MULTISIG_VAULT || env.DEPLOYER_ADDRESS }}
226+
227+
- uses: ./.github/actions/program-upgrade/
228+
if: github.event_name == 'workflow_dispatch' && github.event.inputs.deploy == 'true' && github.event.inputs.use-squads == 'false'
229+
with:
230+
program-id: ${{ env.PROGRAM_ID }}
231+
program: ${{ env.PROGRAM_NAME }}
232+
buffer: ${{ steps.program-buffer.outputs.buffer }}
233+
rpc-url: ${{ env.DEPLOY_URL }}
234+
keypair: ${{ env.DEPLOYER_KEYPAIR }}
235+
program-keypair: ${{ secrets.PROGRAM_ADDRESS_KEYPAIR }}
236+
237+
- uses: ./.github/actions/idl-upload/
238+
if: github.event_name == 'workflow_dispatch' && github.event.inputs.upload_idl == 'true' && github.event.inputs.use-squads == 'false'
239+
with:
240+
program-id: ${{ env.PROGRAM_ID }}
241+
rpc-url: ${{ env.DEPLOY_URL }}
242+
keypair: ${{ env.DEPLOYER_KEYPAIR }}
243+
idl-buffer: ${{ steps.idl-buffer.outputs.buffer }}
244+
245+
- uses: ./.github/actions/verify-build/
246+
id: verify-build
247+
if: github.event_name == 'workflow_dispatch' && github.event.inputs.verify == 'true'
248+
with:
249+
verify-version: ${{ env.SOLANA_VERIFY_VERSION }}
250+
program-id: ${{ env.PROGRAM_ID }}
251+
program: ${{ env.PROGRAM_NAME }}
252+
network: ${{ github.event.inputs.network }}
253+
rpc-url: ${{ env.DEPLOY_URL }}
254+
keypair: ${{ env.DEPLOYER_KEYPAIR }}
255+
repo-url: ${{ github.server_url }}/${{ github.repository }}
256+
commit-hash: ${{ github.sha }}
257+
use-squads: ${{ github.event.inputs.use-squads }}
258+
vault-address: ${{ env.MULTISIG_VAULT }}
259+
260+
- name: Deploy Program (Squads)
261+
if: github.event.inputs.deploy == 'true' && github.event.inputs.use-squads == 'true'
262+
run: |
263+
# Install dependencies
264+
npm install @sqds/multisig @solana/web3.js @coral-xyz/anchor yargs
265+
266+
echo "PDA Transaction: ${{ steps.verify-build.outputs.pda_tx }}"
267+
268+
# Run upgrade script
269+
npx ts-node scripts/squad-upgrade.ts \
270+
--rpc ${{ env.DEPLOY_URL }} \
271+
--program ${{ env.PROGRAM_ID }} \
272+
--buffer ${{ steps.program-buffer.outputs.buffer }} \
273+
--idl-buffer ${{ steps.idl-buffer.outputs.buffer }} \
274+
--multisig ${{ env.MULTISIG }} \
275+
--keypair <(echo '${{ env.DEPLOYER_KEYPAIR }}') \
276+
--name "Deploy ${{ env.PROGRAM_NAME }}" \
277+
--pda-tx '${{ steps.verify-build.outputs.pda_tx }}'

0 commit comments

Comments
 (0)